Automatic scripts present a number of problems faced by Internet users today. In one scenario, Internet users may receive SPAM or junk e-mail that has relatively little worth to most e-mail users but that may clutter e-mail inboxes, expend a great deal of bandwidth on the Internet, and result in slower response times and decreased efficiency. One of the main causes of SPAM are computers that use scripts to impersonate users. During the registration process for an e-mail address, a computer can use a script to generate multiple e-mail addresses that do not even have a corresponding human user. These multiple e-mail addresses can then be used by the computer to send unwanted e-mail messages to other Internet users.
Computers can be used to run scripts that send out multiple e-mail messages from a user generated e-mail address or from a script generated e-mail address to the same set of recipients. A computer user would take a great deal of time to send out a large number of e-mail messages to a set of recipients. On the other hand, a computer running a script can transmit e-mail messages at the speed that it would take thousands of computer users to perform the same task in the same amount of time.
Another area of services in which scripts post a large problem is Internet voting services and Internet contests. The Internet has many web pages in which users can participate in a poll. For instance, users can vote for their favorite musician, artist, athlete, etc. The user can always return to the web page and vote another time, but the chances are small that most users will bother trying to vote again. However, a computer can use a script to vote a large number of times in a very small amount of time. The result is that the voting results are skewed by a large amount. Further, a user that enters a contest will almost never win if a script places thousands of entries into the same contest.
Bot nets may be a collection of software robots, or bots, which run autonomously and automatically on groups of computers controlled remotely. The term “bot net” is also used to refer to any group of bots, a collection of compromised computers running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure. The bot nets may be controlled remotely, can run hidden, and can comprise the security of systems. Some bot nets may scan environments and propagate themselves using vulnerabilities and weak passwords.
Bot nets have been exploited for various purposes, including denial-of-service attacks, creation or misuse of SMTP mail relays for SPAM, click fraud, spamdexing and the theft of application serial numbers, login IDs, and financial information such as credit card numbers. For example, a bot net may be created and used to send e-mail SPAM. First, a bot net operator may send out viruses or worms, infecting an ordinary user's computer. Then, the “bot” on the infected computer may log into a particular server, which becomes the command-and-control server. Next, a spammer may purchase access to the bot net from the bot net operator, and the spammer may send instructions via the server to the infected computers, causing them to send out spam messages to mail servers.
Online banking services, online shopping applications, and other systems which require the entry of passwords or other sensitive information in a public environment are all susceptible to compromise. What are needed are systems and methods for security management that are user-friendly, not readily susceptible to observation during data entry, and resistant to interception and computational deciphering techniques.